Easy VPN - Multiple VLANS?

Unanswered Question
Jun 7th, 2010
User Badges:

Is it possible to setup Easy VPN to support multiple VLANS on the remote side?  Specifically, I want to use network extension mode to service the data VLAN and voice VLAN (Avaya phone system).


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Federico Coto F... Mon, 06/07/2010 - 08:31
User Badges:
  • Green, 3000 points or more


I remember there was a restriction of only being able to have a single network through the ezvpn.

Which devices are going to terminate the tunnel on the server side and the client side?


terrygwazdosky Mon, 06/07/2010 - 08:32
User Badges:

The headend device will be an ASA 5520 and I haven't decided on a remote device yet, but it would probably be an ASA5505.

Federico Coto F... Mon, 06/07/2010 - 08:44
User Badges:
  • Green, 3000 points or more

I'm 99% sure that if you have an ezvpn hardware client like an ASA 5505, you can have a single network on the remote site (being accessed through the tunnel), however I'm going to verify this.

If this was the case, have you considered a simple site-to-site IPsec configuration?


terrygwazdosky Mon, 06/07/2010 - 08:49
User Badges:


I've done it with /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;} site-to-site IPsec in the past, but I was just learning about EasyVPN in my CCSP studies and got to wondering if I could use it instead for a work from home setup for one PC and one hardware IP phone.

Federico Coto F... Mon, 06/07/2010 - 10:49
User Badges:
  • Green, 3000 points or more

EasyVPN will work just fine when there's a single network behind the EasyVPN client.

But as far as I've seen the improvements to allow more networks in the client side are only for IOS.

So, if you have an ASA 5505 on the client side, you can have a single local network.



This Discussion